Transcription

1 Winning Strategies for Delivering Premium VPN Services to the Always-on Enterprise By R. Latraverse Technology executives in always-on enterprises face daunting challenges as they transition to an all-ip world, develop high-performance application delivery strategies and implement security measures for the new converged environment, while ensuring business continuity and controlling costs. Given the pressure to improve business efficiency and quickly respond to shifting market opportunities, new, multimedia and on-demand applications are becoming integral to every process of the modern enterprise. This new environment shifts technology management focus away from a network-oriented to an application-oriented paradigm. Despite this shift, the new orientation raises the importance of the network, because network performance and high availability in the converged, around the clock environment are directly linked to Quality of Experience (QoE) and the bottom line. Strategies that directly address these new market dynamics require more than single-purpose, commodity-networking services. A cutting-edge network service provider offers a portfolio of managed Premium VPN services that underpin additional value-added services and applications. Key attributes of Premium VPN services include: Resiliency and reliability for always-on and secure services Any mix of Layer 2 Carrier Ethernet VPN services and Layer 3 IP VPN services over a single (or multiple) access facility to meet enterprise preferences Service-oriented QoS to meet simultaneous requirements of multiple diverse applications Ubiquitous access from any enterprise location End-to-end Service Level Agreements (SLAs) that demonstrate what is paid for is delivered End-to-end service management for rapid fault isolations, provisioning and reporting Web-based customer portals to allow enterprise visibility and control in an outsourced business model The Drive Toward Convergence With an eye on cost control, enterprise technology organizations are choosing managed Premium VPN services for the convergence of multiple autonomous networks. These VPN services typically save 25-45% over a non-converged legacy network solution and enable additional savings. For example, increased bandwidth provided via Ethernet access to the VPN enables server centralization, saving both capital (CAPEX) and operational (OPEX) expenditures. Internet access for an enterprise can be provided from a single central location, and accessed from other locations via their VPN, to eliminate duplicate Internet access costs. Security, management and administration are also simplified, and technology staffing requirements are reduced. However, convergence offers more than cost savings. Premium VPNs provide the voice, video and data bandwidth needed for unified communications and the new breed of collaboration and presence-based services. The challenge is how to achieve the benefits of convergence without sacrificing the performance inherent in built-to-task networks. enriching communications > volume 1, issue 2 >

2 44% of enterprises have at least partially converged their voice and data networks. 51% of enterprises will do so within a year. Source: 2006, WAN Manager Survey, IDC Premium VPN services are more demanding on IP networks than those deployed in the late 1990s and early 2000s. They rely on the combined cost benefits, simplicity, transparency and scalable bandwidth of Ethernet with the stable quality, reliability and scalability of IP/MPLS. The three key services of a Premium VPN portfolio are: Layer 3 IP-VPNs (RFC 4364, superseding RFC 2547bis) Layer 2 Carrier Ethernet VPNs enabled by VPLS (RFC 4762) a Metro Ethernet Forum (MEF) E-LAN service Virtual Private Wire Service (VPWS) also known as Virtual Leased Line (VLL) an MEF E-Line service Layer 2 and Layer 3 VPNs in the Service Mix The fact that VPLS-enabled Carrier Ethernet VPNs and IP VPNs both provide any-to-any services raises a question: can the service portfolio be simplified further by offering just one of them? Research from Alcatel-Lucent and others consistently confirms that both are needed in the service mix to address the needs of different enterprises. Two principal selection criteria for choosing a VPLS-based Carrier Ethernet VPN are: Desire to maintain routing control as currently with legacy services The need to carry non-ip traffic However, for some organizations, such as many small and medium enterprises, neither criterion is an issue, and IP VPNs are the preferred option. Other organizations need both Carrier Ethernet VPN and IP VPN services. Alcatel-Lucent research of very large enterprises indicated a preference for Layer 2 Ethernet services for high bandwidth requirements between main corporate centers, but Layer 3 IP VPN services to reach numerous small sites like sales offices or retail outlets. These findings confirm that service providers must offer both types of multipoint service to address market requirements fully. Regardless of the preference, the service requirements are often the same. In fact, leading service providers offering both IP VPN and VPLS-enabled Carrier Ethernet VPN services are offering both with feature parity with respect to bandwidth offered, QoS policies, SLAs and even price. QoS Essential for Superior Quality of Experience The variety of applications sharing the converged network mandates that it provide differentiated performance levels. For example, VoIP and video are unusable with excessive network delay (latency) or jitter; interactive applications such as SAP or Citrix are insensitive to jitter but slow response times often relate to latency and directly tie to quality of experience. Yet other applications, such as , are more tolerant of network performance. enriching communications > volume 1, issue 2 >

3 Figure 1: H-QoS Enabled Service Bundling Over a Converged Ethernet Uplink Prioritize services and applications Service aggregate traffic parameters Individual applications get reserved bandwidth Service-aware H-QoS allows for creation of tailored service bundles Service #1 Voice Service #1 IP-VPN CIR = 30 Mb/s PIR = 30 Mb/s Video Data CPE GbE Service #2 VPLS CIR = 10 Mb/s PIR = 10 Mb/s Internet Voice Data Internet GbE 7750 SR Service #2 IP/MPLS Service Network Service providers have offered multiple QoS levels for many years to address varied application requirements, but adoption has not been universal. Many enterprises preferred to accept the limitations of a single QoS level, or use a site-specific WAN acceleration appliance to boost local performance. However, large-scale introduction of enterprise VoIP and increased outsourcing are two trends that limit single-level QoS as a viable enterprise solution. One Third of Organizations are committed to moving entirely to VoIP. Source: 2007 Nemertes Research According to Nemertes Research, one third of U.S. organizations are deploying VoIP and are committed to moving to it entirely; 20% have already done so. To accommodate growing VoIP and videoconferencing requirements, 70% of enterprises have identified the need for a QoS level strategy that includes real-time performance, according to a 2007 survey by Heavy Reading (Table 1), in addition to other QoS levels to support their business applications. Simple, port-based QoS is insufficient to meet enterprises emerging network convergence requirements. For maximum flexibility, the service provider must support tiered SLAs that accommodate multiple services (e.g., a mix of Carrier Ethernet VPNs or IP-VPNs, E-Line or Internet access) via a common access facility with multiple levels of QoS within each service. In contrast to routers designed for enterprise or Internet-only applications, service routers supporting all these services plus QoS with hierarchical scheduling (H-QoS) meet this need and give service providers the flexibility to tie network performance to application requirements. enriching communications > volume 1, issue 2 >

5 Reliability is Mandatory Service providers must provide uninterrupted services to meet stringent SLA commitments and ensure access to business critical applications and services. Extremely high reliability is especially critical in a converged environment since application support is concentrated on a single network. Service reliability must be built into every element of network design to ensure services are protected against service outages caused by hardware, IP routing or link failures; malicious denial of service (DoS) attacks; software upgrades; or router configuration errors. Service providers must also ensure they have the management systems to minimize costly downtime by quickly and efficiently diagnosing and troubleshooting problems. Three key operational areas have an impact on assuring always-on services: Network outage mitigation Timely fault isolation Streamlined operations and maintenance Service router role in mitigating network outages Robust service router design minimizes outages by ensuring high hardware availability and routing resiliency in addition to providing mechanisms that mitigate unavoidable network faults. Critical capabilities include: Non-stop routing Non-stop services In-service software upgrades MPLS fast reroute (FRR) Link aggregation groups (LAG) and multi-chassis LAG (MC-LAG) Non-stop routing and non-stop service are intelligent hitless solutions to eliminate the possibly catastrophic effects of control plane failures. In contrast to earlier solutions such as graceful restart and non-stop forwarding, this means that if a software or hardware control complex fault occurs, there are no resulting service outages and no SLA violations. Link resiliency features in the network design including MPLS fast reroute, LAG and MC-LAG ensure that services can remain up and running even in the presence of unavoidable link failures. While network faults do occur, these features enable service providers to address them in the background while their enterprise customers remain always-on. Timely fault isolation Service-aware OAM tools are key to helping operators identify, isolate and troubleshoot service and network faults. This minimizes downtime during planned and unplanned network events. A comprehensive toolkit will include service-level OAM tests and network-level OAM tests, plus support for standards such as IEEE 802.3ah to allow service providers to isolate faults and remedy the affected customers quickly. Working with network and service management applications, such OAM tools, allows the operator to establish proactive monitoring policies, efficient service provisioning, verification policies and advanced fault isolation practices to ensure rapid resolution without compromising SLAs. enriching communications > volume 1, issue 2 >

6 Streamlined operations and maintenance Managing a VPN service portfolio is complex. Service providers require a solution more advanced than the usual physical layer management functions normally offered by traditional elementmanagement systems. An advanced IP management solution should be more than a collection of many point solutions that increase costs and take time to deploy. To scale effectively, service providers must ensure their management systems not only provide effective element, network and service FCAPS (Fault, Configuration, Accounting, Performance, Security) control, but also provide the correlation between the layers as well (Figure 3). Figure 3: VPN Service Management System Managing Services in Context of the Network Infrastructure Service Management (Managing Customer Service) Network Management (Managing Logically Linked Nodes) Element Management (Managing Physical Hardware) Value is the Correlation Between Layers Service Aware Management The Need for Service Portals Enterprises welcome the opportunity to outsource network operations, but technology managers are unwilling to relinquish control and visibility of network performance completely. A portal to monitor or request changes to their VPN service can address technology managers concerns. Web-based customer service portals that address this requirement can make a difference. A 2006 Alcatel-Lucent survey of large enterprises revealed that 61% had access to a service portal, but only 25% of technology managers indicated they were happy with their portal s control features. Key elements of an effective service portal include: Detailed monitoring and reporting by user, port, service, application, location or QoS level to evaluate current performance and anticipate future needs SLA performance tracking Trouble ticket entry and monitoring Flexibility to change bandwidth allocations by service or QoS level to respond to ad-hoc requests Flexible billing Service order entry and tracking Inventory tracking enriching communications > volume 1, issue 2 >

7 These customer portal features enable the enterprise to outsource services while retaining as much control as they need. Ideally, a service portal allows technology managers to do away with premisesbased performance reporting applications and appliances. The resulting CAPEX and OPEX savings justify the price of a premium portal solution. Alcatel-Lucent Managed Networking Services Alcatel-Lucent is at the forefront of providing Premium VPN solutions, including Premium IP-VPNs, Carrier Ethernet VPNs based on VPLS and Virtual Private Wire Services that address current and future enterprise and service provider challenges. Premium VPNs are a key component of the Alcatel-Lucent Managed Networking Service Solution. The Alcatel-Lucent Service Routing portfolio includes the 7750 Service Router (SR), 7710 SR, 7450 Ethernet Service Switch/Router (ESS) and 5620 Service Aware Manager (SAM), complemented by a comprehensive access portfolio and professional services. This combination of capabilities enables best-in-class services to assure high quality of experience and uninterrupted services for the always-on enterprise. Rene Latraverse is Director-Solutions Marketing, IP Division, (Ottawa, Ontario), Canada. Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners. The information presented is subject to change without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein Alcatel-Lucent. All rights reserved. enriching communications > volume 1, issue 2 >

Best Effort gets Better with MPLS Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications A White Paper on Multiprotocol Label Switching October,

Managed Networking Services Powering the Always-On Enterprise A managed VPN solution for enterprises that meets new business critical application needs while improving efficiency and reducing costs, without

Delivering Dedicated Internet Access (DIA) and IP Services with Converged L2 and L3 Access Device THE NEED Communications Service providers (CSPs) have been transitioning from legacy SONET/SDH to IP and

Simwood Carrier Ethernet Simwood Carrier Ethernet is a high security, low latency means to connect sites or services either point-to-point or as a mesh. We use a number of technologies on top of our own

WAN and VPN Solutions: Choosing the Best Type for Your Organization xo.com WAN and VPN Solutions: Choosing the Best Type for Your Organization WAN and VPN Solutions: Choosing the Best Type for Your Organization

Technical Paper Evaluating Carrier-Class Ethernet Services Demand for Ethernet-based services is on the rise, and the key driving force behind this is continuous growth of data traffic in the metro/access

Alcatel-Lucent 1850 TSS Product Family Seamlessly migrate from SDH/SONET to packet The Alcatel-Lucent 1850 Transport Service Switch (TSS) products are a family of Packet-Optical Transport switches that

APPLICATION NOTE Network Transformation: TDM Services on a Packet Network Abstract Operators must decide how to transform their existing networks from SDH/SONET to MPLS and how to effectively serve their

Carrier Ethernet SLAs Technology Advancements to Differentiate and Improve Operational Efficiency May 2011 ABSTRACT High-capacity, low-latency connectivity is important for the new generation of Ethernet-based

Whitepaper Application Performance Management for Enterprise WANs A 3 makes a significant difference to my ability to see what is actually going on and to align my available resource to the most critical

Virtual Private LAN Service (VPLS) A WAN that thinks it s a LAN. VPLS is a high security, low latency means to connect sites or services either point-to-point or as a mesh. We use Virtual Private LAN Service

Reasons to Choose the Juniper ON Enterprise Network Juniper s enterprise access products meet the always-on needs of today s enterprises by delivering solutions that are reliable, simple, and smart. The

Choosing Ethernet Services IS ETHERNET THE RIGHT CHOICE FOR YOUR NETWORK? Business Ethernet Including Ethernet over Copper (EoC) and Ethernet over Digital Signal Cross-connect (EoDSx) Delivers Cost- Effective,

In cooperation with Building Access Networks that Support Carrier Ethernet 2.0 Services and SDN COMMTECH Show Toronto, April 15-16 Mississauga Center by Pasquale Tagliarini Senior Solutions Engineer Agenda

The Keys for Campus Networking: Introduction Internet Protocol (IP) is considered the working-horse that the vast majority of current and future applications use as the key technology for information exchange,

Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice The Road To Ethernet WAN Various industry sources show trends in globalization and distribution, of employees moving towards

APPLICATION NOTE Overcoming Application Performance Challenges with Application-Assured Business VPN Services Abstract Operators face many challenges as they strive to keep pace with the demand from small,

Virtual Private LAN Service (VPLS) Walking through Wan history, from the early days Leased lines Customers subscribe to dedicated point-to-point links Cost prohibitive for customers Started in the 1980

Vodafone IP-VPN Next-generation connectivity for enterprises Vodafone Power to you Is increasing reliance on your enterprise network holding back business? The enterprise network is critical to business

UNDERSTANDING BUSINESS ETHERNET SERVICES EMPOWER YOUR BUSINESS TO MEET 21ST CENTURY DEMANDS INTRODUCTION The network is your business has been a mantra for many years indicating how businesses rely more

How Proactive Business Continuity Can Protect and Grow Your Business For most companies, business continuity planning is instantly equated with disaster recovery the reactive ability of a business to continue

The Role of Carrier Ethernet in Business Applications Examining the Choices for your Business Applications February 2012 Positioning Paper Page 1 of 11 Table of Contents 1 Introduction... 3 2 Characteristics

EMPOWER YOUR BUSINESS TO MEET 21ST CENTURY DEMANDS INTRODUCTION The network is your business has been a mantra for many years indicating how businesses rely more heavily on being networked between their

Business Services Is Ethernet the Right Choice for Your Network? Learn More: Call us at 877.634.2728. www.megapath.com Is Ethernet the Right Choice for Your Network? Business Ethernet including Ethernet

ethernet services for multi-site connectivity security, performance, ip transparency INTRODUCTION Interconnecting three or more sites across a metro or wide area network has traditionally been accomplished

MPLS IP-VPN Overview XO MPLS IP-VPN is a multi-site, private networking service for IP data and voice transport Uses MPLS and is competitive with legacy services such as ATM, Frame-Relay, and long-haul

Managed Services: Taking Advantage of Managed Services in the High-End Enterprise What You Will Learn This document explores the challenges and solutions for high-end enterprises using managed services.

executive brief: data networking Dynamic Verizon Ethernet Solutions for the Extended Manufacturing Enterprise Executive Summary Comprised of both internal and external organizations, including a company

Cisco Catalyst 3750 Metro Series Switches Product Overview Q. What are Cisco Catalyst 3750 Metro Series Switches? A. The Cisco Catalyst 3750 Metro Series is a new line of premier, customer-located switches

The Business Case for Ethernet Services Whitepaper Sponsored by Time Warner Cable Business Class Executive Summary Network-based applications such as Voice over IP (VoIP), cloud, collaboration services

Leveraging Microwave Packet Radio to Enhance and Extend IP/MPLS Backhaul Application Note Abstract Mobile service providers (MSPs) are facing a highly competitive environment in a period of unrelenting

Transport for Enterprise VoIP Services Introduction Many carriers are looking to advanced packet services as an opportunity to generate new revenue or lower costs. These services, which include VoIP, IP

APPLICATION NOTE Next-Generation Oil and Gas Company Networking Building a Better Network with IP/MPLS Abstract Oil and gas companies are experienced at building and operating reliable and effective networks

Mastering Network Design with MPLS Overview In this paper, enterprise CIOs, IT&T professionals and network architects will learn how to improve productivity and security by designing multi-location Virtual

Application Notes EDD-Ethernet Demarcation Device IERU Communications Ltd EDD Page 1 of 8 2000 EDD Introduction: As the benefits of Ethernet networking in the metro and wide-area have become clear, service

Driving Service Delivery with SLA Performance Management Providers #1 competitive advantage Service providers more and more depend on Ethernet services as the networks are evolving from traditional voice

APPLICATION NOTE Enhanced Application Management and Reporting for Application-Assured Business VPN Services Abstract The current pace of technological evolution presents the typical enterprise IT organization

T E C H N O L O G Y W H I T E P A P E R Flexible Service Access for Business VPNs Operators face many challenges as they strive to keep pace with demand for business services from small, medium and large

Extraordinary UK Ethernet Ethernet Guide. The world of 21CN Ethernet connectivity can be a daunting place. As one of the leading forces in Ethernet Aggregation in the UK, we've seen our fair share of poor

Change is Good By K. Yates The past 10 to 15 years have seen a shift in how executives view IT/telecom infrastructure. In the 1990s, executives managed IT/telecom to reduce its cost; in the early to mid-2000s,

Create a Secure Private Network for Cloud Computing Learn More: Call us at 877.634.2728. www.megapath.com MegaPath s Secure Private Cloud for Networking Your business may be considering a move to the cloud

Cisco ASR 9000 Series: Carrier Ethernet Architectures The initial phase of network migrations in the past several years was based on the consolidation of networks over the IP/Multiprotocol Label Switching

Service Assured Networking for Power Utilities Application Brochure Operational Core Network Using Carrier-Grade Ethernet Typical users: Transmission & Distribution Power Utilities For more than 30 years,

WHY CHOOSE COX BUSINESS FOR YOUR COMPANY S NETWORK SERVICE NEEDS? This document provides an overview of the Cox Business portfolio of business networking services and explains why customers should consider